ansible SSH connection fail

Question

I'm trying to run ansible role on multiple servers, but i get an error:

fatal: [192.168.0.10]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh.", "unreachable": true}

My /etc/ansible/hosts file looks like this:

192.168.0.10 ansible_sudo_pass='passphrase' ansible_ssh_user=user
192.168.0.11 ansible_sudo_pass='passphrase' ansible_ssh_user=user
192.168.0.12 ansible_sudo_pass='passphrase' ansible_ssh_user=user

I have no idea what's going on - everything looks fine - I can login via SSH, but ansible ping returns the same error.

The log from verbose execution:

<192.168.0.10> ESTABLISH SSH CONNECTION FOR USER: user <192.168.0.10> SSH: EXEC ssh -C -vvv -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=user -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/ansible-ssh-%h-%p-%r 192.168.0.10 '/bin/sh -c '"'"'( umask 22 && mkdir -p "echo $HOME/.ansible/tmp/ansible-tmp-1463151813.31-156630225033829" && echo "echo $HOME/.ansible/tmp/ansible-tmp-1463151813.31-156630225033829" )'"'"''

Can you help me somehow? If I have to use ansible in local mode (-c local), then it's useless.

I've tried to delete ansible_sudo_pass and ansible_ssh_user, but it did'nt help.

score 70 · Accepted Answer · edited Feb 09 '21 at 11:09

70

You need to change the ansible_ssh_pass as well or ssh key, for example I am using this in my inventory file:

192.168.33.100 ansible_ssh_pass=vagrant ansible_ssh_user=vagrant

After that I can connect to the remote host:

ansible all -i tests -m ping

With the following result:

192.168.33.100 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}

Hope that help you.

EDIT: ansible_ssh_pass & ansible_ssh_user don't work in the latest version of Ansible. It has changed to ansible_user & ansible_pass

edited Feb 09 '21 at 11:09

Avik

371
4
15

answered May 13 '16 at 15:45

Arbab Nazar

22,378
10
76
82

4

Yes! I was missing the ansible_ssh_pass variable. Everything works like charm right now. Thank you so much! – Thomas May 13 '16 at 15:55
1

According to http://docs.ansible.com/ansible/intro_inventory.html it should be `ansible_user` and not `ansible_ssh_user`. – Matthias May 31 '16 at 19:14
If you search the `ansible_ssh_user` then you can find in the mentioned link, it was using in ansible 1.9 but in ansible 2.0 they have changed it to `ansible_user` but `ansible_ssh_user` is still valid in both. – Arbab Nazar May 31 '16 at 20:53
1

The `hosts` file I had only has the IP address. After I suffixed it with `ansible_ssh_pass=vagrant ansible_ssh_user=vagrant`, ping started working. Thanks !! – Neo Jul 27 '16 at 07:17
@Matthias Those variables are for ssh module and for ansible 2.9 (the latest at the moment) both are good. Please, see [here](https://docs.ansible.com/ansible/latest/plugins/connection/ssh.html#ssh-connection) – ivan_onys Dec 25 '19 at 12:00

score 11 · Answer 2 · edited Mar 06 '20 at 13:08

11

mkdir /etc/ansible
cat > hosts
default ansible_ssh_host=127.0.0.1 ansible_ssh_port=2222 ansible_ssh_user=vagrant ansible_ssh_private_key_file=.vagrant/machines/default/virtualbox/private_key

Go to your playbook directory and run ansible all -m ping or ansible ping -m "server-group-name"

edited Mar 06 '20 at 13:08

chiducaf

773
5
8

answered Sep 27 '16 at 17:37

SJP

221
3
6

Please, explain how answer addresses ssh connection problem. – ivan_onys Dec 25 '19 at 12:04
This answer helped me with a similar issue to yours. Indeed, I was able to connect through plain ssh and even through ansible ping, but not launching a playbook. What helped me is the `ansible_ssh_private_key_file` attribute, because it is not located in the default dir. – Davide Calarco Sep 29 '22 at 15:59

score 3 · Answer 3 · answered Mar 01 '18 at 00:16

3

I had this issue, but it was for a different reason than was documented in other answers. My host that I was trying to deploy to was only available by going through a jump box. Originally, I thought that it was because Ansible wasn't recognizing my SSH config file, but it was. The solution for me was to make sure that the user that was present in the SSH config file matched the user in the Ansible playbook. That resolved the issue for me.

answered Mar 01 '18 at 00:16

entpnerd

10,049
8
47
68

1

Exactly right. After changing the `remote_user: root` to match the user in the `.ssh/config` it worked. – Aleks Aug 17 '22 at 10:58

score 2 · Answer 4 · edited Sep 12 '16 at 17:51

2

Try to modify your host file to:

192.168.0.10
192.168.0.11
192.168.0.12

edited Sep 12 '16 at 17:51

Arbab Nazar

22,378
10
76
82

answered Jul 13 '16 at 11:35

Nikola

64
3

score 1 · Answer 5 · edited Apr 07 '18 at 00:35

$ansible -m ping all -vvv

After installing ansible on Ubuntu or CentOS. You can have messages below. Do not panic, you must have an access right to the file /tmp of user [/home/user_name/.ansible/tmp/]. "Authentication or permission failure".

This preconisaion will solve the problem.

[Your_server ~]$ ansible -m ping all
rusub-bm-gt | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
Your_server | SUCCESS => {
    "changed": false,
    "ping": "pong"
}

leanghy · Answer 6 · 2020-01-09T18:44:19.097

0

Best Practice for me I'm using SSH keys to access to server hosts

1.Create hosts file in inventories folder

[example]

example1.com

example2.com

example3.com

2. Create ansible-playbook file playbook.yml

---

- hosts:

- all

- roles:

- example

3. let's try to deploy ansible-playbook with multiple server hosts

ansible-playbook playbook.yml -i inventories/hosts example --user vagrant

edited Jan 09 '20 at 18:44

answered Jan 09 '20 at 18:14

leanghy

50
6

score 0 · Answer 7 · answered Apr 10 '23 at 12:55

0

I managed to fix the issue by following the sulition provided in this link.

Basically, append the content of id_rsa.pub file, into the authorised_keys file.

answered Apr 10 '23 at 12:55

Shobeira

29
5

score -1 · Answer 8 · edited Sep 23 '16 at 10:56

-1

The ansible_ssh_port changed while reloading the vm.

==> default: Booting VM...

==> default: Waiting for machine to boot. This may take a few minutes...

default: SSH address: 127.0.0.1:2222

default: SSH username: vagrant

default: SSH auth method: private key

So I had to update the inventory/hosts file as follows:

default ansible_ssh_host=127.0.0.1 ansible_ssh_port=2222 ansible_ssh_user='centos' ansible_ssh_private_key_file=<key path>

edited Sep 23 '16 at 10:56

Arbab Nazar

22,378
10
76
82

answered Sep 22 '16 at 18:14

Geetha

19
1
3

Please, explain what answer has to do with ssh connection problem and why vagrant on localhost is relevant. – ivan_onys Dec 25 '19 at 12:05

ansible SSH connection fail

8 Answers8

Linked